@paragonie-scott
Last active February 2, 2016 01:25
LOL Entropy Estimates

Okay, let's say you have:

  • A password that consists of a single unknown character repeated an unknown number of times.
  • A strong password hashing algorithm that doesn't impose an upper limit on length.

How hard is your incredibly unwise passphrase for a cracker to guess?

First, you have to know which character it is. If we go with printable ASCII characters, that gives us 94 possibilities.

However, if we stretch the alphabet out to include all UTF-8 codepoints, you get 1,112,064 possible values.

  • Lower: lg(94) = 6.55 bits of entropy (instantly cracked)
  • Upper: lg(1112064) = 20.08 bits of entropy (under one second)

Okay, so now that we know which character it is, we're done right? Not quite. There is another piece of information encoded in this insecure chosen password that most people don't think about when thinking in terms of characters: The length of the string.

Unlike variable passwords (whose keyspace grows as O(k^n)), a repeated-character password's keyspace grows linearly (O(n)). Guessing a two-character password requires at most 94 * 94 guesses (lg(94 * 94) bits). When it's the same character in both places, it takes at most 94 * 2 guesses (lg(94 * 2) bits) to cover all one-character and two-character passwords (assuming the cracker is aware of the strategy being employed).

| Characters | Single (repeated) | Variable |
|------------|-------------------|----------|
| 1          | 94                | 94       |
| 2          | 188               | 8836     |
| 3          | 282               | 830584   |

From here, we can extrapolate that a 94-character repeating ASCII password has approximately the same keyspace as a 2 character ASCII password.

How many UTF-8 characters does it take to reach a keyspace of 2^56 (56 bits of entropy, the size of a DES key)?

A randomly chosen UTF-8 codepoint, repeated 64,796,265,357 times, has the same guessability as a DES key.
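The keyspace arithmetic above, as an added worked example (not part of the original gist): it rebuilds the single-vs-variable table, models a strategy-aware guesser that enumerates repeated-character candidates length by length, and computes the repetition count needed to match a 2^56 keyspace. The 94-character printable-ASCII alphabet is constructed from Python's `string` module.

```python
import math
import string

# Alphabet sizes used on the page.
ASCII_PRINTABLE = string.digits + string.ascii_letters + string.punctuation  # 94 chars
UTF8_CODEPOINTS = 1_112_064  # valid Unicode scalar values


def repeated_keyspace(alphabet_size: int, max_len: int) -> int:
    """Candidates needed to cover every single-character-repeated password
    of length 1..max_len: one choice of character times one choice of length."""
    return alphabet_size * max_len


def variable_keyspace(alphabet_size: int, length: int) -> int:
    """Candidates needed to cover every password of `length` independent characters."""
    return alphabet_size ** length


def bits(keyspace: int) -> float:
    """Entropy in bits of a uniformly chosen element of a keyspace of that size."""
    return math.log2(keyspace)


def keyspace_table(alphabet_size: int, max_len: int) -> list[tuple[int, int, int]]:
    """Rows of (length, repeated keyspace, variable keyspace), as in the table above."""
    return [(n, repeated_keyspace(alphabet_size, n), variable_keyspace(alphabet_size, n))
            for n in range(1, max_len + 1)]


def guesses_to_find(password: str, alphabet: str = ASCII_PRINTABLE) -> int:
    """Number of candidates a strategy-aware guesser tries before hitting `password`,
    enumerating every repeat of length 1, then length 2, and so on.
    Returns 0 if the password is not a single repeated character from `alphabet`."""
    if not password or password != password[0] * len(password) or password[0] not in alphabet:
        return 0
    guess_number = 0
    for length in range(1, len(password) + 1):
        for ch in alphabet:
            guess_number += 1
            if ch * length == password:
                return guess_number
    return 0  # unreachable: the loop always finds a valid repeated password


def repeats_for_keyspace(alphabet_size: int, target: int) -> int:
    """Smallest repetition count n such that alphabet_size * n >= target (ceiling division)."""
    return -(-target // alphabet_size)


def repeats_matching_variable(alphabet_size: int, length: int) -> int:
    """Repetition count whose keyspace equals that of a `length`-character variable password."""
    return variable_keyspace(alphabet_size, length) // alphabet_size
```

`repeats_for_keyspace(UTF8_CODEPOINTS, 2**56)` reproduces the 64,796,265,357 repetitions quoted above, and `repeats_matching_variable(94, 2)` gives the 94 repetitions that match a two-character ASCII password.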

This is fun until you consider side-channels.
